The audit log endpoint enables you to retrieve log entries from Torq. The logs are retrieved for the workspace on which the API key used for authenticating the request was created. For more information, see the audit logs documentation.
Will retrieve log entries created after this timestamp. This parameter is optional. If empty, will retrieve all log entries from the previous 24 hours until the end timestamp. If neither a start or end timestamp is provided, will pull all log entries created in the last 24 hours. Timestamps are in RFC 3339 format, for example, 2022-03-09T08:40:18.490771179Z.
Will retrieve log entries created before this timestamp. This parameter is optional. If empty, will retrieve all log entries from the start timestamp until now. If both the start or end timestamp are empty, will pull all log entries created in the last 24 hours. Timestamps are in RFC 3339 format, for example, 2022-03-09T08:40:18.490771179Z.
The maximum number of log entries to retrieve per page. Default is 100. Maximum is 500. If results exceed the defined page size, use pagination to retrieve the next page
Token received from a previous List audit logs request. Provide this to retrieve the next page of results.
Sort results by timestamp. Can be asc (oldest first) or desc (latest first). Default is desc.
A successful response.
An array of audit log objects.
Unique identifier of the log entry.
The timestamp when the action that created the log entry was performed. For example, if a secret was deleted, it's the timestamp when the secret was was deleted.
The email address of the actor that performed the action that created the log entry. If actor type is "web_app", it's the authenticated user's email address. If the actor type is api_key, it's the email address of the user that generated the API key.
The name of the actor that performed the action that created the log entry. Can be the user name or the API key name.
The type of actor that performed the action that created the log entry. Can be "web_app", "api_key", or "slack".
The action that created the log entry. For example: "Integration created".
Unique identifier of the resource on which the action was taken.
The name of the resource on which the action was taken. For example, if a secret was deleted, this would be the name of the secret that was deleted.
The IP address of the actor, either a public IPv4 or IPv6 address.
The data that the browser sends in the User-Agent header in the HTTP request. This information is not authenticated and should be treated accordingly.
Additional data relevant to the action performed. Workflows will include the revision id, users will include the user's role.
Unique identifier of the workspace where the action was performed.
The name of the workspace where the action was performed.
When a token is returned it indicates there is another page of results to retrieve. Pass this token in the pageToken parameter in a subsequent List audit logs request to retrieve the next page of results. If this field is empty, there are no additional pages to retrieve.
Invalid bearer token. If you receive this message more than once try creating a new Client ID/Client Secret or generating a new bearer token.
You don't have permission to access this resource.